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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the 

application. Please amend the claims as follows: 



Listing of Claims: 

1. (Currently Amended) A method for transmitting Internet Key Exchange (IKE) 
data packets across a network comprising the steps of: 
rP^vin p a vendor jdgn^ fixation value: 

in response tn raving th* vendor identi fication valu e, determining that IKE 

fragmentation is c apable: 

generating and transmitting an IKE packet over a networ k the TKR packet having an 

original IKE header ; 

determining whether a response to the IKE packet was received; 

fragmenting the IKE packet into a plurality of smaller packets when a response is not 
received, wherein each of the smaller packets includes a header formatted according to the IKE 
protocol; and 

transmitting each of the plurality of smaller packets over a network. 

2. (Currently Amended) The method of claim 1 wherein each ?f the smaller packets 
inglad eg , hjadgr formatted a crordipr to the IKE protocol and eaoh of the headers formatted 
a^in p tn the IKE protoco fr vWi oaoh header includes an identifier that may be used to 
associate the smaller packet with a oorrooponding the IKE packet. 

3. (Currently Amended) A network node that communicates with other network 
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nodes according to the Internet Key Exchange (IKE) protocol comprising: 

a User Datagram Protocol (UDP) stack that is capable of generating UDP data packets for 

transmission over a network; 

an IKE protocol stack that generates IKE data packets that are subsequently processed by 

the UDP protocol stack; and 

a fragmenter module that intercepts IKE data packets prior to being processed by the 
UDP protocol stack and splits the IKE data packets into a plurality of smaller data packets that 
may be subsequently formatted by the UDP protocol stack; 

wherein the fragmenter module does not split the IKE data packets unless no response to 
a previously-sent IKE data packet has been received; and 

wherein each of the plurality of smaller data packets includes a header formatted 
according to the IKE protocol gtatg information for network address translator processing . 

4. (Canceled) 

5. (Canceled) 

6 . (Currently Amended) A method for receiving fragmented Internet Key Exchange 

(IKE) data packets comprising the steps of: 

gp.nHin p a vendor identification value, the vendor identification value i ndicating IKE 

fragmentation capability: 

receiving a plurality of fragments of an IKE data packet from a transmitting node, 

wherein each fragment includes an identifier that associates each fragment with an IKE data 
packet; 

discarding all fragments that contain a first identifier if a predetermined number of 
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fragments are received that contain a second identifier; and 

determining the total size of all fragments that contain the same identifier and discarding 
said fragments when the total size exceeds a predetermined limit. 

7. (Original) The method according to claim 6 wherein the step of discarding all 
fragments that contain a first identifier is performed when at least one fragment is received that 

contains a second identifier. 

8. (Original) The method according to claim 6 further comprising the steps of: 
determining whether all fragments that are associated with an IKE data packet have been 

received; and 

sending a no acknowledgment (NAK) message to the transmitting node when at least one 
fragment has not been received, 

9. (Canceled) 

10. (Previously presented) The method according to claim 6 wherein the 

predetermined limit is 64 kilobytes. 

1 1 . (Currently Amended) A system for transmitting Internet Key Exchange (IKE) 
protocol data packets across a network comprising: 

means for generating an IKE packet; 

means for initializing, operating, and monitoring a timer; 

means for detecting whether the IKE packet was successfully received at the intended 
receiver node before the expiration of the timer; eftd 

means for fragmenting the IKE packets into smaller packets when the IKE packet was not 
successfully received at the receiver node be fett t he eviratio n n f th , li m u, thereto o ach of th » 
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satrifc pfaeke ts iu u lud iiu iufo rmntinn t b ul p m niita a rooriv u i m i ll l u i^Alfy t h r WP p nnl rnt 

wu c i ului) n ith r m 1 i l l - F rt1r " 1 l lfl lit inn n fmAi Wiullor """ ^ wilMn V£ 

pock e t, 

means for addin g a separata TKR fragme nt header to each of the smaller packets; 
means for adding state information to each of the smaller p ackets for network addrggs 
translator processing: 

means fer adding a separa t e I l*er Datagram Protocol header to each of the plurality 

smaller packets: and 

mgans fog transmitting e ach ofthg plurality of smaller packets over a network. 

1 2. (Original) The system of claim 1 1 further comprising means for determining 
the capability of the receiver node for receiving fragmented packets. 

1 3 . (Currently Amended) A method for transmitting data packets across a network 

comprising the steps of: 

generating and transmitting an Internet Key Exchange (IKE) packet over a networkjhe 

IKE packet having an original IKE header,; 

determining whether a response to the IKE packet was received; 

fragmenting the 1KB packet into a plurality of smaller packets when a response is not 
receivedi-aHdi 

lading a sg paiate IKE fra gment header to each of the plurality of smaller packets, 
herein one of the plurality of waller packets includes the original IKE header; 

„ y ina - m information to earn of the p l urality of smaller packets for network address 

translator processing: 

.HHinp a se parate I Isgr Datagam Pr oto c ol h ea d e r t o ea ch of the plurality of smaller 

5 
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packets: and 

transmitting each of the plurality of smaller packets over a network. 
14-15. (Canceled) 

16. (Currently Amended) The method of claim [[15]]11 wherein the plurality of 
smaller packets contain the same information as that contained within the original IKE packet. 

17. (Canceled) 

1 8. (Currently Amended) A method for transmitting data packets across a network 

comprising the steps of: 

receiving a vendor identification value; 

in rgg pnnse to receiving the, vendor id entification value determining that IKE 

fra gmentatio n is capable: 

generating* data packet containing Internet Key Exchange (IKE) information Jhedata 

packet havin p ^ti original IKE header; 
initializing a timer; 

determining, based at least in part on the expiration of the timer, whether fragmentation 
of the data packet is necessary to successfully transmit the IKE information over a network; ftftd 
fragmenting the data packet if necessary into a plurality of smaller packets that may be 

transmitted over a network; 

adding a ssoaratg IKE fra ^gnt header to each of the plurality of smaller packets, 
nne of th e r w.iitv nf smaller packet* includes the orip i nal IKE header; 
3^ gtatg infotmaisn to each ofthe plurality of smaller packets for network address 

translator processing: and 

oAKno g separate U«» niMram Prot ocol h e ader to each of the plurality of smaller 
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packets: and 

gangmitting each of the plur ality nf smaller packets over a network . 

19. (Canceled) 

20. (Canceled) 

21. (Canceled) 

22. (Currently Amended) A method for intelligently discarding fragmented Internet 
Key Exchange (IKE) data packets to efficiently manage resources comprising: 

gggdia g a vendor idgntifiga j ipri value, the vendor identification value, indicating IKE 

fragmenta tion capability; 

receiving a plurality of fragments of a single IKE data packet, wherein the fragments 
were transmitted from a transmitting node in an order that can be determined from infonnation 
contained within the received fragments; 

determining from information contained within the received fragments whether any of 
the received fragments have been received in an order that differs from the order in which the 
fragments were transmitted from the transmitting node; and 

discarding at least certain of the received fragments when a predetermined number of out 
of order fragments from a single IKE data packet have been received. 

23 . (Previously Presented) The method of claim 22 further including the step 
of sending a message to the transmitting node that out of order packets have been received. 
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